[threat-actors] Add TiltedTemple

Mathieu4141 2023-11-20 09:29:06 -08:00
parent 93d9db10a3
commit a08311c5f1


@ -13288,6 +13288,22 @@
},
"uuid": "41243ff2-e4f1-4605-9259-ab494c1c8c04",
"value": "Moshen Dragon"
},
{
"description": "One of their notable tools is a custom backdoor called SockDetour, which operates filelessly and socketlessly on compromised Windows servers. The group's activities have been linked to the exploitation of vulnerabilities in Zoho ManageEngine ADSelfService Plus and ServiceDesk Plus.",
"meta": {
"country": "CN",
"refs": [
"https://unit42.paloaltonetworks.com/sockdetour/",
"https://blog.fox-it.com/2021/11/08/ta505-exploits-solarwinds-serv-u-vulnerability-cve-2021-35211-for-initial-access/",
"https://www.microsoft.com/en-us/security/blog/2021/07/13/microsoft-discovers-threat-actor-targeting-solarwinds-serv-u-software-with-0-day-exploit/"
],
"synonyms": [
"DEV-0322"
]
},
"uuid": "aca6b3d2-1c3b-4674-9de8-975e35723bcf",
"value": "TiltedTemple"
}
],
"version": 294
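Review bot: The second `refs` entry in the new TiltedTemple object is a Fox-IT write-up whose URL names TA505 and the SolarWinds Serv-U bug CVE-2021-35211, yet the cluster is tagged `"country": "CN"` with synonym `DEV-0322` and its description mentions only SockDetour and Zoho ManageEngine. Consumers that correlate on galaxy references could end up linking TA505 reporting to this actor, so either drop that URL or state in `description` why the Serv-U activity is relevant here. The description also opens with "One of their notable tools" without saying who "they" are; a leading sentence that names TiltedTemple and what kind of activity it denotes would let the entry stand alone. Listing `DEV-0322` under `synonyms` asserts identity rather than overlap, which is worth confirming against the cited Unit 42 and Microsoft posts.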